8868 questions

10533 answers

16512 comments

15846 members

0 votes
598 views 1 comments
by
I have followed this guide https://wiki.teltonika.lt/view/L2TP_over_IPsec to create an IPSEC/L2TP vpn to my server However, there is no textbox to fill the pre-shared key in IPSEC options. I have enabled pre-shared key option and transport. However, the pre-shared key input box is missing. Any help will be greatly appriciated.

1 Answer

0 votes
by

Hi,

It still exists, but in new firmwares it has been moved to a new section. Now it's in the page where all IPsec configuration instances are located (Services → VPN → IPsec).

by

Hello,

This is the same on RUT955. You have to specify PSK per host (or wildchar).

There is slight problem, that the init scripts have not been fully tested. I have been debugging this for last few hours.

/etc/init.d/ipsec script will generate one more entry into /etc/ipsec.secrets

PSK : "0"

Problem with this entry is , that it will match on every host, and use password "0". Solution is to edit /etc/init.d/ipsec and find:

        if [ "$auth" = "psk" ]; then
                echo ": PSK \"$psk_key\" " >>"$File_secrets"
                echo "  leftauth=$auth" >>"$File_ipsec"
                echo "  rightauth=$auth" >>"$File_ipsec"
remove line "echo ": PSK ..... " (or add # in front of it)

I think they moved from psk per host into global PSK list, and forgot this. (Yes Teltonika, you need more testing!)